TrojanDownloader:JS/Agent.HL

The TrojanDownloader:JS/Agent.HL will install rogue security software Power Undelete Wizard into the affected computers without users knowledge. The TrojanDownloader:JS/Agent.HL file size is 961024 bytes.

Payload

Once launched, the TrojanDownloader:JS/Agent.HL performs the following actions:

Download rogue security tool Power Undelete Wizard from the following domains:http://www.power-undelete.com/

Modify the properties of the following files:%SYSTEMROOT%:\WINDOWS\System32\DriverStore\FileRepository\prnhp002.inf_amd64_neutral_04d05d1f6a90ea24\Amd64\\HPCDMCLH.DLL